While Cloud Next is traditionally a software-focussed event, Google last month announced its own line of two-factor authentication (2FA) devices. Titan Security Keys are primarily aimed at high-value IT administrators, but Google is also making them widely available through the Google Store for any security-conscious user to purchase.

Security Keys are regarded as the best way to protect against phishing and prevent other methods of account hijacking. After users log into a Google Account, Twitter, Facebook, or any other service that supports the FIDO Universal 2nd Factor protocol, they’ll be asked to press a button on the Security Key physically plugged into a device or connected via Bluetooth.

There is a whole ecosystem of 2FA keys, but Google created its own after hearing from enterprise Cloud customers that wanted a first-party solution. Google’s Titan Security Key features custom firmware on the secure element that verifies the physical integrity of the device. It prevents tampering and any attempts to extract the unique cryptographic material on the device.

The Titan Security Key Bundle contains two devices with Google recommending that both be associated with your Google Account even for regular users not enrolling in the Advanced Protection program aimed at journalists, political campaigns, and other “at risk” figures.

The first is a teardrop-shaped fob that’s meant to be carried by users at all times. Connectivity includes Bluetooth, USB, and NFC, but the latter connection won’t be usable on Android until later this year.

In the meantime, users can pair over Bluetooth Low Energy and press the oval physical button to confirm sign-in attempts. Given the presence of Bluetooth, this Security Key is battery-powered and unfortunately charges over microUSB.

Google includes a microUSB to USB-A cable to power the device with the battery rated for six months of usage. The cable also allows users to connect this Key to a computer or phone for wired authentication. A USB-A to USB-C adapter is also included in the box to allow 2FA on newer devices.

The second device is key-shaped and features USB-A, as well as the currently inactive NFC for Android. When logging in, users click a gold-colored button that minimally indents and features a blinking light at the center. Google advises that you keep this key in a safe place as a backup.